<?php

session_start();
$user = $_POST['username'];
$pass = $_POST['password'];

$link = mysql_connect('localhost', 'root', 'admin');
if (!$link) {
    die('Could not connect: ' . mysql_error());
}
mysql_select_db('dbkaryawan');
$sql = "select * from tuser where username='$user' and pass='$pass'";
//echo $sql;
$rs = mysql_query($sql);
$row = mysql_fetch_array($rs);
if ($row['id'] > 0) {
    $_SESSION['user'] = $row['username'];
}
header('location:../index.php');
?>
